package com.xuelangyun.form.security.exterauth.interceptor;


import java.util.Set;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.xuelangyun.form.exterauth.entity.SysExterAppApiEntity;
import com.xuelangyun.form.exterauth.entity.SysExterAppTokenApiEntity;
import com.xuelangyun.form.exterauth.service.ISysExterAppService;
import com.xuelangyun.form.exterauth.service.ISysExterAppTokenService;
import com.xuelangyun.form.exterauth.service.ISysExterPermsService;
import com.xuelangyun.form.security.exterauth.annotation.AppPerm;
import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.AsyncHandlerInterceptor;

import com.xuelangyun.form.common.exception.DyformException;
import com.xuelangyun.form.common.utils.HttpContextUtils;
import com.xuelangyun.form.security.exterauth.annotation.NoLogin;

/**
 * 权限(Token)验证
 * @author weiqing.hk
 * 
 * @date 2024--03-23 15:38
 */
@Component
public class AuthorizationInterceptor implements AsyncHandlerInterceptor {
  

    public static final String APP_KEY = "appId";
    
    public static final String TOKEN_HEADER = "tr-app-token";
    
    @Autowired
    private ISysExterAppService exterAppService ;
    
    @Autowired
    private ISysExterAppTokenService exterAppTokenService ;
    
    @Autowired
    private ISysExterPermsService exterPermService;
     

    /**
     * 2024-04-17 修改 注解了 NoLogin的方法将不严重是否登录
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        NoLogin annotation;
        AppPerm aperm;
        if(handler instanceof HandlerMethod) {
            annotation = ((HandlerMethod) handler).getMethodAnnotation(NoLogin.class);
            aperm = ((HandlerMethod) handler).getMethodAnnotation(AppPerm.class); 
        }else{
            return true;
        }

        if(annotation != null){
            return true;
        }

        //获取用户凭证
        
        String token = HttpContextUtils.getRequestToken(request,TOKEN_HEADER);
     

        //凭证为空
        if(StringUtils.isBlank(token)){
            //throw new RRException(jwtUtils.getHeader() + "不能为空", HttpStatus.UNAUTHORIZED.value());
            throw new DyformException("请先登录", HttpStatus.UNAUTHORIZED.value());
        }
         
     /*   Claims claims = jwtUtils.getClaimByToken(token);
        if(claims == null){
            throw new RRException(jwtUtils.getHeader() + "失效，请重新登录", HttpStatus.UNAUTHORIZED.value());
        }*/
        
        // user 存在说明还在有效期并且用户存在
        SysExterAppTokenApiEntity appToken = exterAppTokenService.queryByToken(token);
        
		if(appToken == null  ) {
			throw new DyformException("请先登录", HttpStatus.UNAUTHORIZED.value());
		}
		
		SysExterAppApiEntity app = exterAppService.getById(appToken.getAppId());
		if(app == null  ) {
			throw new DyformException("请先登录", HttpStatus.UNAUTHORIZED.value());
		}
		if(app.getStatus() == 0) {
			throw new DyformException("当前账号已被禁用", HttpStatus.UNAUTHORIZED.value());
		}
 		
		request.setAttribute("app", app);
        
        //判断权限perm
        if(aperm != null){
        	
        	String perm = aperm.value();
        	 
        	
        	// 判断此处基于角色还是基于具体的权限码
        	if(perm != null && !perm.trim().isEmpty()) {
        		Set<String> perms = exterPermService.queryByApp(app.getId());
        		if(perms == null || !perms.contains(perm)) {
            		throw new DyformException("操作失败，您当前无此权限!", HttpStatus.UNAUTHORIZED.value());
            	}
        	}
        	 
        } 

        //设置userId到request里，后续根据userId，获取用户信息
        request.setAttribute(APP_KEY, app.getId());

        return true;
    }
}
